One of the biggest challenges for financial institutions today is protecting access to customer information. How can you be sure the person logging into a customer’s Internet banking application is who they claim to be? Since the inception of authentication, we have almost exclusively relied on passwords for authentication. But the FFIEC’s Authentication in an Internet Banking Environment states that passwords, at least alone, are not good enough. The guidance introduces requirements for dual or multifactor authentication. While proving an added layer of security, the extra factors tend to be some other question or the use of a token. This becomes cumbersome for the user, struggling to remember yet another password and then maintaining possession of a token or having to either look up or log into yet another location (with another password) to obtain the answer to some out-of-wallet question. Now, thanks to some technology improvements and perhaps the necessity of a more convenient process, biometric authentication is beginning to see more widespread use.
Length: 2 pages (PDF 53 kB)